Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Cvelist
Cvelistadded 2024/08/09 12:0 a.m.26 views

CVE-2024-41570

An Unauthenticated Server-Side Request Forgery SSRF in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server...

0.74071EPSS
Exploits6References1
Positive Technologies
Positive Technologiesadded 2024/08/09 12:0 a.m.3 views

PT-2024-29448 · Havoc · Havoc

The affected software is Havoc 2, specifically version 0.7. This version is affected by an Unauthenticated Server-Side Request Forgery SSRF issue in demon callback handling, allowing attackers to send arbitrary network traffic from the team server, potentially leading to Remote Code Execution RCE...

9.8CVSS8.1AI score0.74071EPSS
Exploits6References16
Vulnrichment
Vulnrichmentadded 2024/08/09 12:0 a.m.18 views

CVE-2024-41570

An Unauthenticated Server-Side Request Forgery SSRF in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server...

7AI score0.74071EPSS
Exploits6References1
CVE
CVEadded 2024/08/09 12:0 a.m.82 views

CVE-2024-41570

CVE-2024-41570 describes an unauthenticated SSRF in Havoc 2 (team server) demon callback handling, enabling attackers to cause arbitrary network traffic to be emitted from the Havoc team server. Connected sources confirm visible exploit PoCs and chained RCE narratives in Havoc C2-related reposito...

9.8CVSS7.3AI score0.74071EPSS
Exploits6References1Affected Software1
Rows per page
Query Builder